Q: 9
Which OCI Identity and Access Management (IAM) feature enables administrators to define conditions
under which users can access OCI resources, thereby implementing an additional layer of security?
Options
Discussion
A . Official Oracle docs and practice tests both mention conditions in policies as the way to set granular access.
Don’t think it’s D, since groups just organize users but can’t set access rules. Option A is the only one that lets admins add actual condition logic in policies. I’ve seen a similar question and pretty sure A is the answer, but open if someone has real-world counterexamples.
Makes sense to pick A for this. Only policies can actually define those access conditions in OCI IAM.
Probably A here. Groups (D) added to the confusion, but only policies let you set actual access conditions. Open to other views.
Option D since groups manage user assignments and can restrict access, which adds that extra control layer. Disagree?
Maybe C. Had something like this in a mock and picked Federation for letting admins control access conditions.
A , but if the question had asked about dynamic user membership then D would apply instead.
Option A makes the most sense since policies are where you can actually set conditions like IP restrictions or MFA in OCI. Groups just organize users, but can't apply that extra security layer. I think it's A, but not 100% sure.
A
A , since only policies let you add specific conditions for access. Groups just assign users, not context-based controls.
Be respectful. No spam.
